const jwt = require('jsonwebtoken');
const { JWT_SECRET } = require('../config');

class AuthHelper {
  // 生成JWT Token
  static generateToken(payload, expiresIn = '24h') {
    return jwt.sign(payload, JWT_SECRET, { expiresIn });
  }

  // 验证JWT Token
  static verifyToken(token) {
    try {
      return jwt.verify(token, JWT_SECRET);
    } catch (error) {
      throw new Error('无效的Token');
    }
  }

  // 移除敏感字段
  static sanitizeUser(user) {
    const userObj = user.toObject ? user.toObject() : user;
    delete userObj.password;
    delete userObj.__v;
    return userObj;
  }
}

module.exports = AuthHelper;
